CISA releases 6 Industrial Control Systems Advisories
Cybersecurity and Infrastructure Security Agency sent this bulletin at 06/28/2022 01:30 PM EDT
You are subscribed to Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.
This advisory contains mitigations for an Incorrect Default Permissions vulnerability in ABB e-Design engineering software.
This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.
This advisory contains mitigations for a SQL Injection, Missing Authentication for Critical Function, Relative Path Traversal, and Command Injection vulnerabilities in Advantech iView management software.
This advisory contains mitigations for a missing authentication for critical function vulnerability in the Motorola Solutions MOSCAD IP and ACE IP Gateways products.
This advisory contains mitigations for Use of a Broken or Risky Cryptographic Algorithm, and Plaintext Storage of a Password vulnerabilities in the Motorola Solutions MDLC protocol parser.
This advisory contains mitigations for Use of Hard-coded Cryptographic Key, Use of Hard-coded Credentials, and Insufficient Verification of Data Authenticity vulnerabilities in the Motorola Solutions ACE1000 remote terminal unit.